Opened 14 years ago

Closed 14 years ago

#435 closed defect (invalid)

Can't save page after Intergrating Xinha into Phpwebed

Reported by: V Owned by: gogo
Priority: normal Milestone:
Component: Xinha Core Version:
Severity: normal Keywords:
Cc:

Description

Hello,

I have Xinha up and running in the text area of the CMS Phpwebed (Please see http://www.m-tecs.net/phpwebed/example1.php) for a demo.

I'm unable to save any changes I make after Xinha is integrated. After modifying some text with Xinha and clicking the Save Button in Phpwebed the page refreshes but doesn’t post any of the changes to the Phpwebed file.

Maybe you can help me out here is the code.

<?

include "config.inc.php";
include "$phpWebEd_language.inc.php";

if (!check_user()) {
	echo "$no_auth_str\r\n";
	exit;
}
if ($content == "") {
    echo "Access denied! \r\nWrong parameter count.\r\n";
    exit;
}
$contentfile = $phpWebEd_dir . "/contents/" . $content . ".html";
if (is_file($contentfile)) {
    $status = "$content_modified_str<br>" . date("Y-m-d H:i:s", filemtime($contentfile));
} else {
    if ($fp = @fopen($contentfile, "w")) fclose($fp);
    else {
        echo "Error reading/writing file! \r\nPlease check the file permissions.\r\n";
        exit;
    }
}
if ($content != "" && isset($htmlsource)) {
    if ($edtype != "ax") {
        $is_tag = False;
        for ($i = 0; $i <= strlen($htmlsource); $i++) {
            if ($htmlsource[$i] == "<") $is_tag = True;
            if ($is_tag) $tmp .= $htmlsource[$i];
            else $tmp .= htmlentities($htmlsource[$i]);
            if ($htmlsource[$i] == ">") $is_tag = False;
        }
        $htmlsource = $tmp;
    }
    copy($contentfile, $contentfile . ".bak");
    $fp = fopen($contentfile, "w");
    if ($only_trusted_tags == 1) $htmlsource = strip_tags($htmlsource, $trusted_tags);
    fwrite($fp, stripslashes($htmlsource));
    if (fclose($fp)) {
        if ($edtype == "ax") echo "OK\r\n";
        else echo "<script language=\"JavaScript\">opener.location.reload();\n window.close();</script>";
    }
    exit;
}
if ($imagefile != "" && $imagefile_name != "") {
   set_time_limit(120);
   $new_imagefile = $phpWebEd_dir . "/contents/" . $imagefile_name;
   if (copy($imagefile, $new_imagefile)) echo "OK\r\n";
   exit;
}	
if ($deleteimage != "") {
   if (unlink($phpWebEd_dir . "/contents/" . $deleteimage)) echo "OK\r\n";
   exit;
}
?>
<html>
<head>
<? echo "<title>$content - $editor</title>";?>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<script language="JavaScript">
<!--
function ok() {
   <? 
   echo "document.editform.submit();";
   ?> 

}
function cancel() {
   <? 
   echo "window.close();";
   ?>     
}
//-->
</script>
<script type="text/javascript">
   _editor_url = "/xinha/";
   _editor_lang = "en";
</script>

    <!-- load the main HTMLArea file -->
    <script type="text/javascript" src="/xinha/htmlarea.js"></script>
    <script type="text/javascript" src="/xinha/my_config.js"></script>
    
    </head>

<body bgcolor="#DDDDDD" leftmargin="0" topmargin="0" marginwidth="0" marginheight="0">
<table width="100%" border="0" cellspacing="0" cellpadding="0" height="100%">
  <tr> 
    <td width="10%" align="center" valign="top" bgcolor="#666666"> 
      <p>&nbsp;</p>
      <p><a href="javascript:ok();"><img src="images/ok.gif" width="40" height="40" border="0"></a><br>
        <font face="Verdana, Arial" size="1" color="#FFFFFF"><? echo $edit_save_str;?></font></p>
      <p><a href="javascript:cancel();"><img src="images/cancel.gif" width="40" height="40" border="0"></a><br>
        <font face="Verdana, Arial" size="1" color="#FFFFFF"><? echo $edit_cancel_str;?></font></p>
    </td>
    <td width="90%" rowspan="2" align="center" valign="middle"><?
   if ($edtype == "ax") {
    ?>
      
      
<?
}
else {
    ?>      
<script language="JavaScript">
<!--
function newhtml(code) {
	document.editform.htmlsource.value += code;
	document.editform.htmlsource.focus();
}
function format(format) {
	if (format == 'B') ptext="<? echo $format_bold_str;?>";
	if (format == 'I') ptext="<? echo $format_italic_str;?>";
	if (format == 'U') ptext="<? echo $format_underline_str;?>";
	if (format == 'CENTER') ptext="<? echo $format_center_str;?>";
	if (format == 'BIG') ptext="<? echo $format_big_str;?>";
	if (format == 'SMALL') ptext="<? echo $format_small_str;?>";
	text = prompt("<? echo $format_str;?>"+ptext,"");     
	if (text != "" && text != null) {           
		code = "<"+format+">"+text+"</"+format+">";
		newhtml(code);
	}  
}
function list(format) {
	text = prompt("<? echo $list_first_str;?>","");     
	if (text != "" && text != null) { 
		code = "\n<"+format+">\n";
		while (text != "" && text != null) {
			code += " <LI>"+text+"\n";
			text = prompt("<? echo $list_next_str;?>","");
		}
		code += "</"+format+">";
		newhtml(code);
	}  
}
function link() {
	text = prompt("<? echo $link_url_str;?>","http://");
	if (text != "" && text != null) { 
		code = "<A HREF=\""+text+"\">";
		text2 = prompt("<? echo $link_name_str;?>","");
		if (text2 == "" || text2 == null) text2 = text;
		code += text2+"</A>";
		newhtml(code);
	}  
}
//-->
</script>
      <table border="0" cellspacing="0" cellpadding="5">
        <tr> 
          <td nowrap><img onClick="format('B')" src="images/bold.gif" alt="<? echo $pic_bold_str;?>" width="23" height="22" border="0"> 
            <img onClick="format('I')" src="images/italic.gif" alt="<? echo $pic_italic_str;?>" width="23" height="22" border="0"> 
            <img onClick="format('U')" src="images/underline.gif" alt="<? echo $pic_underline_str;?>" width="23" height="22" border="0">&nbsp;&nbsp; 
            <img onClick="format('CENTER')" src="images/center.gif" alt="<? echo $pic_center_str;?>" width="23" height="22" border="0">&nbsp;&nbsp; 
            <img onClick="format('BIG')" src="images/big.gif" alt="<? echo $pic_big_str;?>" width="23" height="22" border="0"> 
            <img onClick="format('SMALL')" src="images/small.gif" alt="<? echo $pic_small_str;?>" width="23" height="22" border="0">&nbsp;&nbsp; 
            <img onClick="list('OL')" src="images/ol.gif" alt="<? echo $pic_ol_str;?>" width="23" height="22" border="0"> 
            <img onClick="list('UL')" src="images/ul.gif" alt="<? echo $pic_ul_str;?>" width="23" height="22" border="0">&nbsp;&nbsp; 
            <img onClick="link()" src="images/link.gif" alt="<? echo $pic_link_str;?>" width="23" height="22" border="0">&nbsp;&nbsp;&nbsp; 
            <img onClick="newhtml('<BR>')" src="images/br.gif" alt="<? echo $pic_br_str;?>" width="23" height="22" border="0"> 
          </td>
          <td align="right" nowrap><font face="Verdana, Arial, Helvetica, sans-serif" size="1"> 
            <a href="http://www.m-tecs.net/phpwebed/" target="_blank">phpWebEd 
            <? echo $phpWebEd_version;?>
            </a> </font></td>
    </tr>
    <form name="editform" method="post" action="<? echo $PHP_SELF;?>">
      <tr> 
        <td nowrap colspan="2"> 
          <textarea name="htmlsource" cols="60" rows="18" wrap="VIRTUAL" style="width: 100%" id="htmlsource"><?
		  if (!($fp = @fopen($contentfile, "r"))) echo "Error reading file";
		  else {
			$htmlsource = fread($fp, filesize($contentfile));
			fclose($fp);
			echo $htmlsource;
		  }
          ?></textarea>
          <input type="hidden" name="content" value="<? echo $content;?>">
        </td>
      </tr>
    	<tr>
			<td><input type="submit" value=">>  Submit  >>"></td>
		</tr>
    </form>
  </table>
<?
}
?>  
    </td>
  </tr>
  <tr>
    <td valign="bottom" bgcolor="#666666"><font size="1" face="Arial, Helvetica, sans-serif" color="#DDDDDD"><? echo $status;?></font></td>
  </tr>
</table>
</body>
</html>

Thanks,

V

Change History (2)

comment:1 Changed 14 years ago by niko

does it work if you use a textarea without xinha?
what do you get on print_r($_POST); in the save-page?

comment:2 Changed 14 years ago by gogo

  • Resolution set to invalid
  • Status changed from new to closed

Errors in the javascript console?

I'd suggest you wrap $htmlsource in htmlspecialchars to be safe.

And finally, move this discussion to the forums, I don't think this will be a Xinha bug.

Note: See TracTickets for help on using tickets.